Skype is a free (as in beer) voice over IP application. Many other VOIP applications exist, but some specific points make Skype very different, such as its peer-to-peer architecture, its ease to bypass firewalls and, last but not least, the impressive level of obfuscation that has been invested to prevent anybody from looking inside the software and its communications. This last point added to its increasing success gave birth to many myths on security issues around it.
This presentation will go through the many layers of protection that have been used to protect Skype internals. Tools and technics used to do so will also be presented. We will conclude this trip by showing some of those Skype little secrets.
Fabrice Desclaux works at the EADS/CRC in the SSI lab as a research engineer. He is the author of rr0d, the Rasta Ring 0 Debugger, the first OS independant ring 0 debugger.
Kostya Kortchinsky works at the EADS/CRC in the SSI lab as a research engineer. He used to manage the French academic CERT and has been credited several times for having found various flaws in Microsoft Windows.